package com.bohua.bohua.conf;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder getEnncoder(){
        return new BCryptPasswordEncoder();
    }
    /**
     * 用户签名，验证用户密码是否正确，密码编码器
     * @param auth 用户签名管理器，使用userDeatails来完成用户签名
     * @throws Exception
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth
               .userDetailsService(userDetailsService)
               .passwordEncoder(getEnncoder());
    }
    @Override
    public void configure(WebSecurity web) throws Exception {
       web
               .ignoring()
               .antMatchers("/**.js","/css/**","/images/**","/font/**","/lay/**");
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
       http
               .authorizeRequests()
               .anyRequest().authenticated()
               .and()
               .formLogin()
               .loginPage("/login")
               .defaultSuccessUrl("/").permitAll()
               .and()
               .logout().logoutSuccessUrl("/logout.html").permitAll()
               .and()
               .rememberMe().tokenValiditySeconds(86400).key("remember-token");
    }
}
